Lack of Phishing Awareness Among Executives Poses a Security Threat

 


Phishing scams are predicted to remain a serious cybersecurity threat in the years to come, yet recent research has highlighted a worrying gap in awareness among business leaders. The study found that a vast majority of executives in the United States are unable to recognize all the warning signs of a phishing email, which shows that corporate security practices are vulnerable.

As cyber threats have become increasingly sophisticated, the threat to personal and corporate data has risen. Security breaches and ransomware attacks have become increasingly common, driven by advances in artificial intelligence that have enabled cybercriminals to develop more deceptive and efficient scams. Organizations constantly face new threats as the digital landscape continues to evolve. With new phishing tactics emerging every day, it becomes increasingly challenging for organizations to stay ahead of them.

Cybersecurity awareness must be raised at the leadership level to mitigate these risks and protect sensitive information. According to a recent study, there is currently a significant gap in cybersecurity knowledge among senior executives, raising concerns about how resilient businesses are to phishing attacks. The findings suggest that only 1.6% of senior leaders were able to correctly identify all key indicators of phishing emails, which indicates a critical weakness in organizations' cybersecurity defences.

The lack of awareness is putting businesses at considerable risk, as phishing remains the most common method cybercriminals use to gain access to corporate networks. Phishing scams are expected to continue to cause major concern to businesses in 2025, as data indicates that these attacks lead directly to security breaches. According to the survey, 40% of organizations experiencing a breach attributed the incident to phishing, which is the second most common cause of cybersecurity failures after malicious attacks. The number of breaches caused by computer viruses was second only to those caused by malware, affecting 53% of firms.

In light of these findings, executives must enhance cybersecurity training and awareness initiatives so that they can mitigate the growing threats posed by phishing and other cyber threats. The findings come from a report, published annually, that examines the changing trends shaping the business landscape by looking at the impact of technology on the workplace. The study comprehensively assesses technology advances, including cybersecurity, and the impact they have on businesses day to day.

The latest study surveyed 1,036 senior executives and workplace managers from a variety of industries to gain insights into how organizations are dealing with these changes. It reveals a concerning lack of leadership preparedness for data protection. Even though cyber threats are becoming increasingly sophisticated, many senior leaders are still unprepared to deal with vulnerabilities within their organizations. The study illustrates the urgency of improving cybersecurity training and establishing strategic initiatives to enhance data security measures at a time when digital threats continue to grow in sophistication.

The study, conducted a few months ago, surveyed 1,036 U.S. business leaders to determine whether they could tell phishing emails from real emails by certain indicators. Participants were evaluated on their sensitivity to common red flags, among them:

  • Spelling and grammatical errors
  • Emails received from unfamiliar senders
  • Requests for sensitive information
  • Messages conveying urgency or threats

Senior executives are showing a troubling lack of cybersecurity awareness, according to the findings of this study.

Alarmingly, 33% of respondents failed to recognize that an email from an unknown sender might be a phishing scam. Even more concerning, 47% of respondents failed to identify a tone of urgency or threat as a sign of phishing. In 2024, phishing attacks are estimated to have accounted for 40% of all data breaches affecting businesses, a sharp increase over 2023, when phishing attacks made up 23% of data breaches. The study also found that nearly a third (19%) of business leaders do not understand the concept of two-factor authentication, a fundamental security measure aimed at protecting against unauthorized access to business systems.

A significant gap in cybersecurity education is evident at the leadership level, raising serious concerns about organizations' data protection strategies. Businesses face substantial financial consequences if these vulnerabilities are exploited, with data breaches costing on average $4.88 million in 2024, an increase of 10% over last year's cost. Tech.co's Editor, Jack Turner, emphasizes the importance of addressing this matter and says the research serves as a wake-up call for business leaders who may underestimate the risks associated with cybercrime.

A significant percentage of respondents were unable to identify even the most basic signs of phishing attempts, which indicates why phishing attacks remain so effective. A company's cybersecurity training programs should not be limited to the IT department. They should be available to all employees, including entry-level employees and senior managers. Only by continuously increasing the level of education and vigilance can organizations strengthen their defences against cyberattacks, which are becoming increasingly commonplace. 

Businesses continue to suffer significant financial and reputational damage as a result of poor cybersecurity practices, with data breaches leading to substantial revenue losses and long-term brand erosion. Given these risks, cybersecurity has become a top priority for companies, and leadership must take active steps to enhance security measures within their organization.

The problem, however, is that many senior executives do not possess the fundamental knowledge they need to implement effective security strategies. The latest survey reveals that almost 19% of senior leaders are unable to define multi-factor authentication (MFA) correctly, despite it being widely recognized as an effective tool to safeguard sensitive data.

As a consequence, there is a significant vulnerability at the leadership level, since leaders play a pivotal role in shaping and enforcing cybersecurity policies, which are tightly regulated by their organizations. To establish a robust cybersecurity framework for an organization, senior leadership needs to take an active role in learning and becoming familiar with key security measures. However, securing an organization cannot rest solely in the hands of executive management.

To develop a comprehensive security strategy, the entire company must be involved, with all employees being able to recognize and respond to potential threats. With technology progressing at such a rapid pace, investing in cybersecurity education at all levels of an organization is no longer an optional investment; rather, it is a must. By implementing structured training programs, companies can ensure their employees and executives remain alert to the ever-changing cyber threats. 

By cultivating a culture of cybersecurity awareness, businesses can ensure that their data, financial stability, and long-term reputation are protected in an increasingly digital environment, thus enhancing the efficiency of their business. Several key findings of the report reveal the urgent need for senior executives to have a better understanding of cybersecurity. 

Organizations must address this knowledge gap by providing comprehensive training and utilizing robust security frameworks that can strengthen their defences against cyberattacks from the outside. Cyber threats are becoming more advanced every day, and proactive leadership as well as company-wide awareness will be of crucial importance for mitigating risks and safeguarding business operations in a world where everything is going digital.

Cybercriminals Impersonate Law Enforcement in New 'Digital Detention' Scam

 


As part of a collaboration between the Indian Cyber Coordination Centre (I4C) and Microsoft, an anti-cyber fraud agency has banned more than 1,000 Skype accounts that are believed to have been used to intimidate, blackmail, extort and digitally arrest citizens by cybercriminals posing as police officers, the Central Bureau of Investigation (CBI), the Narcotics Department, the RBI, or Enforcement Directorate. During the past few years, the Indian digital industry has grown at a rapid pace. 

It is increasingly necessary to rely on the Internet for everything from shopping and banking to travel and UPI. This dependence on the digital space also brings threats such as scams. The number of online scams has increased over the past few months. Cybercriminals continue to find new ways to exploit technology to steal money from unsuspecting victims. It has been reported that a scam dubbed the 'Digital Arrest Scam' has been spreading rapidly over the past few days.

Fraudsters are doing an increasingly good job of masquerading as law enforcement officers to trick unsuspecting victims with chillingly simple but extremely effective techniques. They pose as police officers or officers from the CBI or ED and launch online interrogations over platforms such as WhatsApp or Skype, where victims can be monitored over the camera.

As a result, the victims of these crimes are isolated and forbidden from contacting anyone of importance, and the perpetrators threaten them in an attempt to extract money from them. Under this "interrogation", a victim could be held for anything from a few hours to a few days, and would be told that they are locked up in a virtual prison. A recent report described a 40-year-old doctor who fell victim to the Digital Arrest Scam.

The victim, a doctor in Noida, lost Rs 59.54 lakh as a result of cybercriminals. Fraudsters who posed as telecom officials called the victim on the phone and informed her that her name was associated with a case of money laundering and they wanted to expose her. After that, the phone was transferred to a supposed police officer from Mumbai's Tilak Nagar Police Station, who was later arrested. 

The "officer" informed the victim that an investigation had been opened into her sharing of pornographic videos, and that an arrest warrant had been issued for her. Furthermore, the criminals claimed that she had been implicated in a money laundering case involving Jet Airways founder Naresh Goyal and that the National Security Act of 1947 had been invoked against her to obtain her arrest.

It was during this period that the victim was placed under digital arrest while the scammers asked for her details to steal money from her bank account between the 15th and 16th of July. As a first step in their scam strategy, scammers usually cast a wide net, calling individuals and claiming that drugs have been found inside their courier packages or that their personal information is being used to hide money. They are then subjected to a high-pressure interview process while being threatened with legal action or even arrest to obtain the details of the crime. 

In another incident, fraudsters informed the victim that his mobile number had been discovered during an investigation of the criminal case against a former minister in the NCP, leading him to believe that he had been targeted. Cybercriminals have developed elaborate setups that resemble police stations to enhance their credibility. These setups usually include men wearing uniforms and logos that appear to be officially licensed.

In a disturbing case of cybercrime, scammers used a fake profile picture of a policeman on WhatsApp to deceive a businessman. The criminals accused the businessman of being involved in human trafficking, leveraging his fear and trust in authority to manipulate him. They sent him a fabricated arrest warrant and a seizure order via an online link, further escalating the pressure on the victim. In a brazen move, one of the scammers even impersonated a Supreme Court judge during a phone call with the businessman.

Through these deceptive tactics, the fraudsters convinced the businessman that he needed to undergo a "fund legalization process" and deposit his money into an account purportedly held by the Reserve Bank of India (RBI). The scam, which unfolded over a gruelling period of seven to eight hours, resulted in a significant financial loss of Rs 1.3 crore for the victim.

Despite the severity of such incidents, victims often find themselves without adequate support. While the government has publicized a cybercrime helpline number, 1930, it merely directs complainants to file their cases on the website www.cybercrime.gov.in. Even after a complaint is lodged, the responsibility to follow up and ensure action is taken largely falls on the victim.

This case highlights the broader issue of law enforcement agencies not playing a proactive role in assisting citizens who fall prey to online fraudsters. The lack of timely intervention and investigation into cybercrimes exacerbates the distress faced by victims. As cybercrime rates continue to rise, there is a pressing need for law enforcement to enhance their responsiveness and take on a more active role in protecting citizens from such sophisticated digital threats.

SEBI Circular Forces Stock Gaming Apps to Shut Down and Reevaluate

 


As of May 24, a circular was issued by SEBI prohibiting stock exchanges and intermediaries in India from sharing time-sensitive share price information with fantasy trading platforms that gamify stock trading in real-time.

In the week after the Securities and Exchange Board of India (SEBI) announced that such services should cease operation for the time being, nearly half a dozen startups focused on stock gaming have either shut up shop, paused operations, or are considering pivotal moves. It is becoming increasingly difficult for companies that use dated data to retain young customers, as the appeal of leisure or educational live gaming and simulations is fading.

As part of the latest wave of startups to feel the heat, Trinkerr, founded and backed by Accel and Kunal Shah, has paused the development of its gaming product to contemplate its next move. An app for fantasy stocks backed by Dream Sports - Investro - has been discontinued and withdrawal requests are being accepted for it. Market regulators have ordered stock exchanges, clearing companies, and depositories to review the fees they charge members such as stock brokers and depository participants to ensure that they remain competitive. 

A market infrastructure institution (MII) refers to a market institution such as an exchange, clearing corporation, or depository. Brokers bear the cost of providing these services to investors, and they are recouped by investors as service charges. There have currently been several issues related to Trinkerr, such as the fact that the app has never been a pure-play gaming app (without rewards or incentives), but rather focuses on educational aspects and that the data is being delayed by five minutes. Due to the mandate that was placed upon exchanges and intermediaries, the product has become ineffective as a result of these changes. 

There is no doubt that delayed data, especially with the variability of expiration dates in F&O trading, can lead to confusion and be detrimental to the educational experience for our users if they introduce inaccuracies into the market conditions that are being studied by them. Investro and Trinkerr are not the only firms facing distress as regulations change. SEBI's new norms for exchanges and market intermediaries, such as brokerages, went into effect on June 24.

These norms prohibit exchanges and market intermediaries from sharing "live" data with third-party platforms offering virtual trading, thrilling fantasy games, or educational courses. It was announced on May 22 that "investor education and awareness activities (which do not involve monetary incentives for users) can be supported by delayed data feeds (with a 1-day lag)," said the Financial Services Authority in a circular. This move by SEBI to crack down on virtual trading and stock gaming apps comes at the same time as retail investors become more interested in futures and options (F&Os), as well as with concerns about a parallel market that lies outside of its jurisdiction.

There has been a heated discussion among investors regarding social trading apps, with some arguing that they should be viewed as skill-based games, according to Sanjam Arora, Partner at Trilegal. "SEBI is concerned that users of the above applications will not be provided with the same level of protections as investors typically receive in the market for securities daily." "Several concerns have been raised about the possibility that gamifying the trading experience could encourage high-risk behaviours among users that may lead to more dangerous behaviour in the real world, as well," she stated.

Bridging the Gap Between Cloud vs On-premise Security

 

In the current landscape, the prevalence of the cloud era is undeniable, and the market is characterized by constant dynamism. Enterprises, in order to maintain relevance amid this competitive environment, are unmistakably demonstrating a keen interest in embracing cloud technologies. What motivates this significant shift? 

Cloud-centric security strategies, exemplified by initiatives like Secure Access Service Edge (SASE) and Security Service Edge (SSE), encompassing components such as Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB), Data Loss Prevention (DLP), and Zero Trust Network Access (ZTNA), efficiently extend security to wherever corporate users, devices, and resources are located—leveraging the cloud as the central hub. 

With all security functionalities seamlessly delivered and managed through a unified interface, the security of both inbound and outbound traffic, often referred to as north-south traffic, is significantly fortified. 

On the flip side, the internal network's east-west traffic, which moves within the confines of data centers and the network but does not cross the network perimeter, remains untouched by the security checks implemented through cloud-based measures. 

A potential workaround involves keeping a traditional data center firewall dedicated to overseeing and regulating internal, east-west traffic. However, this hybrid security approach introduces increased expenses and intricacies in handling diverse security solutions. Many organizations strive to address these challenges by opting for integrated, cloud-based security stacks to streamline management and mitigate the complexities associated with maintaining separate security measures. 

To ensure comprehensive security coverage for organizations, a solution is required that safeguards both north-south and east-west traffic. The key lies in orchestration through a centralized, cloud-based console. Achieving this can be approached in two ways: 

1. Via WAN Firewall Policy 

Cloud-native security frameworks like SASE and SSE can provide east-west protection by directing internal traffic through the nearest point of presence (PoP). Unlike traditional local firewalls with their own setup limitations, SSE PoP allows firewall policies to be managed centrally through the platform's console. Admins can easily create access rules in the unified console, such as permitting authorized users on the corporate VLAN with approved, Active Directory-registered devices to access specific resources in the on-premise data center, following Zero Trust Network Access (ZTNA) principles. 

2. Via LAN Firewall Policy 

In a security-conscious scenario, where an IoT VLAN's CCTV camera needs access to an internal server, disabling default internet/WAN access is wise to prevent cyber threats. Implementing data center firewall policies at the Point of Presence (PoP) may not affect devices like IoT cameras with no internet access. 

SASE and SSE platforms address this by empowering administrators to set firewall policies on the local SD-WAN device. Organizations connect to SASE/SSE PoPs through this SD-WAN device, allowing direct rule configuration for internal LAN traffic. Pre-defined LAN firewall policies are locally enforced, with unmatched traffic sent to the PoP for further assessment, enhancing security management efficiency.
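The two enforcement points described above can be modelled as a two-tier, first-match policy evaluation. This is an added example, not code from the original post or from any SASE/SSE vendor; the rule names, VLAN labels, addresses, ports and user names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Flow:
    src_vlan: str
    dst_ip: str
    dst_port: int
    user: Optional[str] = None      # None for headless devices such as cameras
    device_in_ad: bool = False      # device registered in Active Directory


@dataclass(frozen=True)
class LanRule:                      # enforced locally on the SD-WAN device
    name: str
    src_vlan: str
    dst_net: str
    dst_port: Optional[int]         # None matches any port
    action: str                     # "allow" or "deny"


@dataclass(frozen=True)
class WanRule:                      # enforced at the PoP, ZTNA-style
    name: str
    src_vlan: str
    dst_net: str
    dst_port: int
    allowed_users: frozenset
    require_ad_device: bool = True


# Constructed sample policy (all values hypothetical).
LAN_POLICY = [
    # The CCTV camera may reach the internal recording server only.
    LanRule("iot-cctv-to-recorder", "iot", "10.20.0.10/32", 554, "allow"),
    # Everything else from the IoT VLAN is dropped locally: no internet/WAN access.
    LanRule("iot-no-wan", "iot", "0.0.0.0/0", None, "deny"),
]
WAN_POLICY = [
    # Authorized users on the corporate VLAN, on AD-registered devices,
    # may reach one application subnet in the on-premise data center.
    WanRule("corp-to-dc-app", "corp", "10.50.0.0/24", 443, frozenset({"alice"})),
]


def evaluate(flow, lan_rules=LAN_POLICY, wan_rules=WAN_POLICY):
    """Return (enforcement_point, action, rule_name) for a flow."""
    dst = ip_address(flow.dst_ip)

    # Tier 1: LAN firewall policy on the SD-WAN device, first match wins.
    for r in lan_rules:
        if (r.src_vlan == flow.src_vlan
                and dst in ip_network(r.dst_net)
                and r.dst_port in (None, flow.dst_port)):
            return ("sdwan-edge", r.action, r.name)

    # Tier 2: unmatched traffic is sent to the PoP, where the WAN firewall
    # policy also checks user identity and device posture.
    for r in wan_rules:
        if (r.src_vlan == flow.src_vlan
                and dst in ip_network(r.dst_net)
                and r.dst_port == flow.dst_port
                and flow.user in r.allowed_users
                and (flow.device_in_ad or not r.require_ad_device)):
            return ("pop", "allow", r.name)

    # Nothing matched at either tier: deny by default.
    return ("pop", "deny", "default-deny")


if __name__ == "__main__":
    samples = [
        Flow("iot", "10.20.0.10", 554),                                   # camera to recorder
        Flow("iot", "203.0.113.5", 443),                                  # camera to internet
        Flow("corp", "10.50.0.20", 443, user="alice", device_in_ad=True),
        Flow("corp", "10.50.0.20", 443, user="alice", device_in_ad=False),
    ]
    for f in samples:
        print(f, "->", evaluate(f))
```

The explicit `iot-no-wan` rule matters: without it, unmatched camera traffic would fall through to the PoP instead of being dropped at the local device.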

Over Fifty Percent Businesses Feel Security Element is Missing in Their Data Policy

 

These days, the average business generates an unprecedented amount of data, and this amount is only expected to increase. 

According to a new report from Rubrik Zero Labs, this makes data security - an absolute must for any successful business - a Herculean task that will only become more difficult. 

The company discovered that a typical organisation's data has grown by nearly half (42%) in the last 18 months. Overall, data from SaaS grew the most (145%), followed by cloud (73%), and on-premises endpoints (20%). A typical organisation has 240 backend terabytes (BETB) of data volume, which Rubrik expects to increase by 100 BETB in the next year and by 7x in the next five years. 

Outpacing security practises 

A significant portion of this data is classified. Global organisations have an average of 24.8 million sensitive data records, with 61% storing them in multiple locations (cloud, on-premises, and SaaS). Only 4% have secure data storage facilities. 

Over fifty percent (53%) lost sensitive information in the last year, with 16% experiencing multiple data loss incidents in the previous year. The majority of the time, organisations would lose personally identifiable information (38%), company financial information (37%), and authentication credentials (32%). 

Worryingly, two-thirds of respondents (66%) said their company's data is increasing faster than their ability to control it. Almost every company (98%) has visibility issues, and two-thirds (62%) have difficulty complying with laws and regulations. More than half (54%) have only one senior executive responsible for data security.

According to the report, there is a notable disparity between the perceptions of IT leaders in India and security. Of them, 49% believe that their organization's data policy lacks security, and 30% believe that their organisation faces a significant risk of losing sensitive data in the next 12 months. 

As per the report, 34% of Indian IT leaders believe that their organization's data is at greater risk from malicious hackers, and 54% of them admit that their capacity to handle data security risks has not kept up with the increasing amount of data. 

Rubrik commissioned the study, which was carried out by Wakefield Research among more than 1,600 IT and security decision-makers at firms with 500 or more employees. Half of those polled were CIOs and CISOs, while the other half were Vice Presidents and directors of IT and security. According to the statement, the survey supplemented Rubrik telemetry by examining more than 5,000 clients from 22 industries and 67 countries. 

The report, according to Abhilash Purushothaman, Vice-President & General Manager, Rubrik (Asia), serves as a wake-up call for Indian IT leaders. It highlights the greater risks for private data, particularly in the face of rapidly changing, sophisticated ransomware attacks, he added.

Risks of Free VPNs: Proceed with Caution

Virtual Private Networks (VPNs) have developed into an essential tool for protecting online security and privacy in today's digitally connected society. Despite the wide range of options, a sizable portion of consumers favour free VPN services. However, it's important to be aware of any risks connected to these ostensibly cost-effective alternatives before jumping on the bandwagon.

Free VPN services frequently have restrictions that limit how much security and privacy they can offer. They might impose a data cap, slow connection rates, or impose server access restrictions. 'You get what you pay for,' is true in the world of VPNs. 

Free VPNs' data logging rules are among their most alarming features. Many of these services gather and keep track of user data, including browsing patterns, IP addresses, and even private data. Data breaches or targeted advertising may result from the sale of this information to outside parties. This lack of transparency poses a serious threat to user privacy.

  • Security Vulnerabilities: An additional weakness of free VPNs is their insufficient security measures. The strong encryption methods that paying equivalents offer are frequently absent from these sites. Users become more vulnerable to online dangers as a result, leaving them open to potential hacks or attacks from online criminals.
  • Malware and Adware Concerns: Free VPNs have a reputation for injecting viruses or bothersome adverts during customers' browsing sessions. These intrusive activities not only damage user experience but also pose serious security threats.
  • Unreliable Customer Support: Free VPN providers typically offer limited or no customer support, leaving users on their own if they encounter technical issues or need assistance with the service. This lack of support can be frustrating and potentially detrimental in critical situations.

With VPNs, quality is a function of price. Although they may be alluring, free VPN services carry a number of dangers that could jeopardize your online privacy and security. Prioritizing trustworthy, paid VPN services with strong security, open policies, and dependable customer support is crucial. Keeping your online identity secure is ultimately a worthwhile investment. 





Role of Artificial Intelligence in Preventing Cyberattacks at K-12 Schools

 

Artificial intelligence (AI), according to cybersecurity professionals, might be a key component in averting ransomware attacks at K–12 institutions. There were roughly 1,619 ransomware assaults on school systems between 2016 and 2022, K12 Security Information Exchange (K12 SIX) stated. Sensitive information regarding kids, parents, and teachers has been made public as a result of these attacks, in addition to causing financial losses. 

A potential solution to this problem, according to Doug Levin, director of K12 SIX, is artificial intelligence. When IT staff are not available, he thinks AI can serve as a substitute set of eyes to keep a check on school networks. Several manufacturers have already built AI into the technologies that schools employ. This technology actively guards against cybercriminals trying to hack into systems and steal important data by keeping an eye on the network and taking preventative actions.

“They’ve resulted in the publication of some incredibly sensitive information about students, about parents and about educators themselves,” explained Doug Levin. “One of the benefits of AI is that they can be that set of virtual eyes on the school networks when the IT staff are not able to do that.” 

However, Levin expressed concerns about the expected high cost of putting this cutting-edge technology into use. While AI could save schools from hiring more security-focused IT staff, the cost of these solutions might go up over time.

The U.S. Department of Education has established a federal council to help school districts prepare for, respond to, and recover from such attacks in light of the growing threat posed by security incidents. 

AI's potential for cybersecurity extends beyond the classroom. It is increasingly being used to detect and prevent threats in an array of enterprises. AI can enhance security measures and offer early warnings for potential threats thanks to its capability to analyse vast quantities of data and detect patterns.

While AI has the potential to strengthen cybersecurity defences, it is vital to continue to be on guard and prioritise cybersecurity education and training for all parties involved in the educational systems. Education institutions' level of safety can be significantly improved by better education combined with cutting-edge technologies like AI.

Security Breach: Clearweb Sites Attacked by MOVEit, Data Exposed

 


The Clop ransomware gang has been substantially more prevalent than any other cybercrime syndicate in exploiting the MOVEit vulnerability. As an additional complication, the data the gang stole through the MOVEit vulnerability is now being leaked on Clearweb domains.

It was reported in May of this year that a ransomware gang known as the Clop ransomware group exploited a vulnerability in the MOVEit file transfer software. This vulnerability exposed the data of hundreds and thousands of companies and organizations, including Boots, British Airways, the BBC, and many others.  

As a result of the ransomware gang's efforts to leak data stolen through MOVEit, publicly accessible websites have been set up. In general, ransomware leak sites are commonly hosted on open-source privacy networks that allow web users to surf anonymously, so law enforcement has trouble accessing the infrastructure. As opposed to this, this type of website is hosted on a public server. This allows the site to be indexed by search engines and amplified through these means.  

According to a report published by Bitdefender, many of those who made payments handed out substantially more than the global average ransomware amount, just $740,144 (£577.34), an increase of 126% from the first quarter of 2023, which is a record level.

Based on the data provided by Coveware, the approximate earnings of the attackers range from $75-100 million (£58.7-78 million), from just a small number of victims who paid extremely high ransoms. 

It has been reported by security researcher Dominic Alvieri that the hacking group created and released its first public access website to leak data stolen from PWC, which is a business consulting firm, for the past two years during his research on the clop operation. In the last couple of years, the website has been taken down from the internet. 

The Clop ransomware gang is using a version of an extortion tactic introduced by ALPHV. It takes advantage of the open Internet by creating websites that target specific victims, leaking their data to put further pressure on them to pay ransoms.

When a ransomware gang attacks a target, data is stolen from the corporate network and then encrypted by the ransomware. Victims are notified that their data will be leaked if payment is not made. This is the most common part of double-extortion attacks.

Ransomware data leak sites are usually hosted on the Tor network. This makes the website more secure, since it is more difficult for law enforcement to seize the web infrastructure or take the website down. Despite this, the hosting method brings many unique problems for a ransomware operation.

There are several barriers to accessing leak sites, including the need for a specialised Tor browser. In addition, search engines do not index the leaked data, and download speeds are very slow.

ALPHV, also known as BlackCat, a ransomware operation from China, introduced an innovative extortion tactic last year by creating clear websites to leak stolen data. This was so that employees could check whether their data had been compromised, and it was designed to prevent the data from being leaked in the future.

As the name suggests, a clear website is hosted directly on the Internet and can be accessed without any special software, unlike a site on an anonymous network such as Tor. This method makes the leaked data easier to access and will likely cause it to be indexed by search engines, spreading the leak further.

Security researcher Dominic Alvieri has discovered that the Cl0p ransomware gang has just publicly posted the data it stole from the MOVEit Transfer platform in May. The gang exploited a zero-day vulnerability in the secure file transfer platform to compromise hundreds of businesses and government institutions across the globe, leading to hundreds of data breaches.

There are several differences between Clop's dumps and those of some previous infiltrations. The most noticeable is that the data has been released in large files rather than organized into specific searchable items. In addition, the site has not been hosted on the Tor network. 

Dark Web vs Clear Web 


The Clear Web is the portion of the internet that is easy to use and can be indexed by search engines like Google. It is also known as the Surface Web or Visible Web because it is the part of the web that is easily accessible. Generally speaking, it describes websites and web pages that are accessible through standard web browsers and do not require any special configuration.

By contrast, the Dark Web is an area of the internet that is intentionally hidden from traditional search engines and is therefore not indexed by them. Accessing the Dark Web requires specialized software, such as the Tor browser, which allows anonymous and secure browsing.

In addition to anonymity, the Tor browser allows users to access hidden websites that use the ".onion" extension. The Dark Web hosts many illicit activities, illegal markets, and anonymous forums where users can communicate with one another without revealing their identities.

Cybercriminals have recently begun setting up clearnet websites hosted on the surface web, using stolen data to blackmail their victims. Clop has recently adopted this tactic as part of its blackmail campaign. In its first attempt to leak data this way, it uploaded four spanned ZIP archives of data stolen from the PWC business consulting firm. Cl0p later claimed to leak data from TD Ameritrade, Aon, Kirkland, and Ernst & Young to the public.

The aim is to create panic among employees, executives, and business partners affected by the stolen data, so that they exert additional pressure on the company to pay the ransom.

Although leaking data in this way may have some benefits, clear web sites also have their own set of problems: they are much easier to take down when hosted on the open internet rather than on Tor.

Currently, all known Clop clear web extortion sites have been taken offline and cannot be accessed. It is unclear whether this is the result of law enforcement seizures, DDoS attacks carried out by cybersecurity firms, or hosting companies and registrars shutting the sites down until further notice. It is questionable whether this extortion tactic is worth the effort, since the sites can easily be shut down at any time.